Today, companies deliver great amounts of information to customers and other communication parties via the Internet. The information may comprise marketing information or subscribed information in the form of e.g. newsletters. To an ever-increasing extent, companies also choose to deliver core business information, such as invoices, account statements, insurance statements, salary statements, etc. For this type of information, there are strong requirements that it should be possible to verify at the recipient side:                that the information has not been altered, which is often referred to as a verification of information integrity, and        which party produced the information, which is often referred to as provision of non-repudiation.        
Currently, there are solutions available that meet these requirements. One example is to use Public Key Infra-structure, PKI, to seal information with a certificate issued by a certificate authority.
However, this technology has shortcomings. In order to correctly verify who produced the information, it is important to have access to information concerning revocation of certificates. For certificates aimed at e.g. consumers or citizens, this type of information can be provided as a service from a certificate authority. This type of service is however not always provided for certificates used by companies and organizations. Also, information pertaining to revoked certificates is typically only provided for an initially set “lifetime” of the respective certificates, which typically is set at the time of issuing the certificates.